﻿#region

using System;
using System.Linq;
using System.Web.Mvc;
using System.Web.Security;
using VinhSon.Intranet.Bussiness;
using VinhSon.Intranet.Models;
using VinhSon.Intranet.Models.Security;

#endregion

namespace VinhSon.Intranet.Controllers
{
    public class AccountController : Controller
    {
        protected UnitOfWork UnitOfWork = new UnitOfWork();

        [AllowAnonymous]
        public ActionResult LogOn()
        {
            return View();
        }

        [HttpPost]
        [AllowAnonymous]
        public ActionResult LogOn(LogOnModel model,
                                  string returnUrl)
        {
            if (ModelState.IsValid)
            {
                User user = UnitOfWork.UserRepository.Select(c => c.Username == model.UserName)
                                      .FirstOrDefault();
                if (user != null)
                    if (false == user.Inactive
                       || null == user.Inactive)
                        if (user.IsActivated == true)
                        {
                            if (Constant.CreatePasswordHash(model.Password,
                                                           user.PasswordSalt)
                                       .Equals(user.Password,
                                               StringComparison.CurrentCultureIgnoreCase))
                            {
                                Session["UserId"] = user.Id;
                                AppUtil.InitializeUser(HttpContext.Application,
                                                       model.UserName,
                                                       UnitOfWork);

                                FormsAuthentication.SetAuthCookie(model.UserName,
                                                                  model.RememberMe);
                                if (Url.IsLocalUrl(returnUrl)
                                   && returnUrl.Length > 1
                                   && returnUrl.StartsWith("/")
                                   && !returnUrl.StartsWith("//")
                                   && !returnUrl.StartsWith("/\\"))
                                {
                                    return Redirect(returnUrl);
                                }
                                return RedirectToAction("Index",
                                                        "Home");
                            }
                        }
                ModelState.AddModelError("",
                                         "The user name or password provided is incorrect.");
            }
            return View(model);
        }

        public ActionResult LogOff()
        {
            Session.Clear();
            FormsAuthentication.SignOut();
            string userName = (User != null)
                                      ? User.Identity.Name
                                      : "";
            if (!string.IsNullOrEmpty(userName))
                AppUtil.UserLogOff(HttpContext.Application, userName);
            return RedirectToAction("Index", "Home");
        }

    }
}
